152 create a permission group for users

[gerrycampion]

See the connected Issue for details and acceptance criteria.

To test, you will need to run the static webapp locally. To simulate the prod env (restricted write access), you will need to add this env var to local.setting.json:

"CORE_AUTHOR_GROUP": "731986ea-faa8-4656-b445-414c1aa1a737"

To simulate the training env (all users have write access), do not add the env var.

When you login to the local SWA, it will request User ID and User's claims. For write permissions, one of the two will need to be true:

• User ID will need to match a user id that is a member of the CORE_AUTHOR_GROUP. To add/remove members to the group: https://portal.azure.com/#view/Microsoft_AAD_IAM/GroupDetailsMenuBlade/~/Members/groupId/731986ea-faa8-4656-b445-414c1aa1a737
• User's Claim extension_CompanyName val will need to be "CDISC". For example:

  [
  {
  "typ": "name",
  "val": "Gerry Campion"
  },
  {
  "typ": "extension_CompanyName",
  "val": "CDISC"
  }
  ]

If a user does not have write permissions, they should only be able to view/test rules. If they have write permissions, they should be able to do everything else, like modify, save, publish.

I've created a new related issue for securing the API: https://github.com/cdisc-org/conformance-rules-editor/issues/153 Note that this issue has always existed and is not newly introduced by this update.

[github-actions[bot]]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://icy-flower-095494b10-154.centralus.azurestaticapps.net

[github-actions[bot]]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://icy-flower-095494b10-154.centralus.azurestaticapps.net